Ejemplo n.º 1
0
 def getResponse(self,buff,srcaddr):
     from helper import fingerPrintPacket,getTag
     srcip,srcport = srcaddr
     uaname = 'unknown'
     if buff.startswith('OPTIONS ') \
         or buff.startswith('INVITE ') \
         or buff.startswith('REGISTER '): 
         if self.externalip == srcip:
             self.log.debug("We received our own packet from %s:%s" % srcaddr)
         else: 
             self.log.info("Looks like we received a SIP request from %s:%s"% srcaddr)
             self.log.debug(repr(buff))            
         return
     self.log.debug("running fingerPrintPacket()")
     res = fingerPrintPacket(buff)
     if res is not None:
         if res.has_key('name'):
             uaname = res['name'][0]
         else:
             uaname = 'unknown'
             self.log.debug(`buff`)
         if self.fpworks:
             try:
                 fp = self.sipfingerprint(buff)
             except:
                 self.log.error("fingerprinting gave errors - will be disabled")
                 self.fpworks = False
         if not self.fpworks:
             fp = None
         if fp is None:
             if self.fpworks:
                 fpname = 'unknown'
             else:
                 fpname = 'disabled'
         else:
             fpname = ' / '.join(fp)
         self.log.debug('Fingerprint: %s' % fpname)
         self.log.debug("Uaname: %s" % uaname)
         #print buff
         originaldst = getTag(buff)
         try:
             dstip = socket.inet_ntoa(pack('!L',int(originaldst[:8],16)))
             dstport = int(originaldst[8:12],16)
         except (ValueError,TypeError,socket.error):
             self.log.debug("original destination could not be decoded: %s" % (originaldst))
             dstip,dstport = 'unknown','unknown'            
         resultstr = '%s:%s\t->\t%s:%s\t->\t%s\t->\t%s' % (dstip,dstport,srcip,srcport,uaname,fpname)
         self.log.info( resultstr )
         self.resultip['%s:%s' % (srcip,srcport)] = '%s:%s' % (dstip,dstport)
         self.resultua['%s:%s' % (srcip,srcport)] = uaname
         self.resultfp['%s:%s' % (srcip,srcport)] = fpname
         if self.sessionpath is not None and self.dbsyncs:
                 self.resultip.sync()
                 self.resultua.sync()
                 self.resultfp.sync()
     else:
         self.log.info('Packet from %s:%s did not contain a SIP msg'%srcaddr)
         self.log.debug('Packet: %s' % `buff`)
Ejemplo n.º 2
0
                    toaddr,
                    options.bindingip,
                    selecttime=options.selecttime,
                    method='OPTIONS',
                    noisy=True,
                    samples=options.samples,
                    localip=options.externalip)
 except KeyboardInterrupt:
     pass
 print
 if len(responses) < 1:
     logging.warn("no response")
     sys.exit(1)
 totagregex, statichashes = getfingerprints(responses)
 response = 'Boo!'
 fp = fingerPrintPacket(responses[0])
 if fp.has_key('name'):
     defaultua = fp['name'][0]
     defaultuastr = '[%s]' % defaultua
 else:
     defaultua, defaultuastr = '', '(could not guess name - please specify)'
 if options.auto:
     # non interactive mode
     servername = defaultua
 else:
     # interactive friendly mode
     try:
         ok = prompt_yesno("Would you like to define this fingerprint? [Y]",
                           "y")
         if not ok:
             sys.exit(1)
Ejemplo n.º 3
0
         options.bindingip,
         selecttime=options.selecttime,
         method='OPTIONS',
         noisy=True,
         samples=options.samples,
         localip=options.externalip
         )
 except KeyboardInterrupt:
     pass
 print
 if len(responses) < 1:
     logging.warn("no response")
     sys.exit(1)
 totagregex,statichashes = getfingerprints(responses)
 response = 'Boo!'
 fp = fingerPrintPacket(responses[0])
 if fp.has_key('name'):
     defaultua = fp['name'][0]
     defaultuastr = '[%s]' % defaultua
 else:
     defaultua, defaultuastr = '','(could not guess name - please specify)'
 if options.auto:
     # non interactive mode
     servername = defaultua        
 else:
     # interactive friendly mode
     try:
         ok = prompt_yesno("Would you like to define this fingerprint? [Y]","y")
         if not ok:
             sys.exit(1)    
         if options.re: